Static task
static1
Behavioral task
behavioral1
Sample
406f96e6df535aa47fd72f7a25e9c9bd518b3743ebca6531b2a296de45435e86.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
406f96e6df535aa47fd72f7a25e9c9bd518b3743ebca6531b2a296de45435e86.exe
Resource
win10v2004-20240412-en
General
-
Target
406f96e6df535aa47fd72f7a25e9c9bd518b3743ebca6531b2a296de45435e86
-
Size
1.7MB
-
MD5
e2cb6c7478157ff9be5d075ad0966b08
-
SHA1
a07905782dbdfab2c782ec01c19360e829053fa6
-
SHA256
406f96e6df535aa47fd72f7a25e9c9bd518b3743ebca6531b2a296de45435e86
-
SHA512
58b1bb7a584c852b62cefd7d46d437034cf1c631ff2515bc3c8b3ab7e58bc9a6f760f7cccd889a128449d38d9dfd10b92c0a882dc1da0dcc5944629371a48487
-
SSDEEP
49152:VM24WZLqzSrlycPePxIkIkSw2AsDOL9DRh/49D:a24SkSRyc0bDsD2hq
Malware Config
Signatures
-
Detects executables containing possible sandbox analysis VM usernames 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_EXE_SandboxUserNames -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 406f96e6df535aa47fd72f7a25e9c9bd518b3743ebca6531b2a296de45435e86
Files
-
406f96e6df535aa47fd72f7a25e9c9bd518b3743ebca6531b2a296de45435e86.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE